From 6d3b2dac16d54418f7080b4f3827f715d6067c87 Mon Sep 17 00:00:00 2001
From: f <f@sutty.nl>
Date: Tue, 15 Sep 2020 12:12:05 -0300
Subject: [PATCH] =?UTF-8?q?no=20filtrar=20informaci=C3=B3n=20a=20direccion?=
 =?UTF-8?q?es=20externas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

ni permitirles modificar la ventana de origen
---
 app/assets/javascripts/external_links.js | 11 ++++++-----
 app/views/layouts/application.html.haml  |  2 +-
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/app/assets/javascripts/external_links.js b/app/assets/javascripts/external_links.js
index 17e9cf2e..116193c8 100644
--- a/app/assets/javascripts/external_links.js
+++ b/app/assets/javascripts/external_links.js
@@ -1,5 +1,6 @@
-$(document).on('turbolinks:load', function() {
-  $("a[href^='http://']").attr('target', '_blank');
-  $("a[href^='https://']").attr('target', '_blank');
-  $("a[href^='//']").attr('target', '_blank');
-});
+document.addEventListener('turbolinks:load', () => {
+  document.querySelectorAll("a[href^='http://'],a[href^='https://'],a[href^='//']").forEach(a => {
+    a.rel = "noopener"
+    a.target = "_blank"
+  })
+})
diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml
index 2392bb44..8a33f8b1 100644
--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
@@ -7,7 +7,7 @@
     %meta{ name: 'color-scheme', content: 'light dark' }/
     %meta{ name: 'viewport',
            content: 'width=device-width, initial-scale=1.0' }/
-    %meta{ name: 'referrer', content: 'origin' }/
+    %meta{ name: 'referrer', content: 'same-origin' }/
 
     %title Sutty